Lucene search
MitreCVELIST:CVE-2024-36678HistoryJun 19, 2024 - 12:00 a.m.
CVE-2024-36678
2024-06-1900:00:00
mitre
www.cve.org
3
module theme settings
sql injection
promokit.eu
prestashop
ajax.php
EPSS
0.001
Percentile
43.7%
In the module βTheme settingsβ (pk_themesettings) <= 1.8.8 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection.
Related
vulnrichment
vulnrichment
CVE-2024-36678
2024-06-19 00:00:00
cve
cve
CVE-2024-36678
2024-06-19 21:15:57
nvd
nvd
CVE-2024-36678
2024-06-19 21:15:57